Skip to main content
Universal Components allows you to build a self-service administrative dashboard within your own application. This enables your B2B customers delegated as administrators to your Auth0 Organization to manage their own branding, identity providers, and verified domains without the need to access Auth0 Dashboard or require a support team for basic administrative actions.

How it works

Universal Components leverages the My Organization API, which operates on user-scoped tokens, to create a Self-Service SSO Administrative Dashboard. When an administrator logs into your dashboard embedded in your application, the Auth0 SDK retrieves an Access Token containing Organization-specific scopes for admin privileges. The components use this token to call the API as the logged-in user, ensuring delegated administrators can only modify the specific Auth0 Organization to which they belong.

Available components

Each component is mapped to specific endpoints within the My Organization API to perform administrative tasks.
ComponentDescriptionMy Organization API endpoint
OrganizationDetailsEditEdit Organization settings including name, display name, branding colors, and logo with built-in validation and API integration./me/organizations/{id}
SsoProviderTableDisplay and manage SSO identity providers with a comprehensive table interface including create, edit, delete, enable/disable, and remove from Organization capabilities.
SsoProviderCreateMulti-step wizard for creating SSO providers with provider selection, details configuration, and authentication setup for Okta, ADFS, SAML, OIDC, Google Workspace, Azure AD, and Ping Federate./me/organizations/{id}/domains
SsoProviderEditComprehensive SSO provider management with tabbed interface for configuring authentication settings, enabling provisioning with SCIM tokens, and managing domain associations.
DomainTableManage Organization domains with create, verify, delete, and identity provider association capabilities in a unified table interface./me/organizations/{id}/domains

Configure Auth0 Dashboard

Before using any My Organization components, you need to configure your Auth0 tenant with the proper APIs, applications, and scopes.
Auth0 Dashboard Configuration - Complete all steps below before using My Organization components.

Create Application

This example uses a Single Page Application (SPA). For server-side rendered React frameworks, refer to the Next.js tab.
  1. Navigate to Auth0 Dashboard > Applications > Applications. Select Create Application.
  2. Choose Single Page Web Applications.
  3. In the Settings tab, add http://localhost:5173 to the following fields:
    A. Allowed Callback URLs
    B. Allowed Logout URLs
  4. Under Login Experience, select:
    A. Business users.
    B. (Optional) Prompt for Organization.

Enable the My Organization API

  1. Navigate to Dashboard > Applications > APIs.
  2. Select My Organization API and ensure it is enabled for your tenant.

Configure Application Access

  1. Navigate to the Application Access tab.
  2. Select Edit for your Application you want to use.
  3. Configure the following settings:
    A. Connection Profile: Select or create a profile with connection attribute mappings.
    B. User Attribute Profile: Select or create a profile with user attribute mappings.
    B. Supported Identity Providers: Enable providers your customers can use.
    C. Connection Deletion Behavior: Choose Allow or Allow if Empty.
    • Allow: Users can delete connections, which deletes all users from that connection.
    • Allow if Empty: Users can only delete connections with no users.
      D. User Access Authorization: Choose Unauthorized, Authorized, or All.
    • Unauthorized: No permissions allowed.
    • Authorized: Select specific permissions.
    • All: Include all existing and future permissions.
      E. Client Credential Access Authorization: Choose Unauthorized, Authorized, or All.
  4. Select Save.

Setup Database & User

  1. Navigate to Auth0 Dashboard > Authentication > Database to create a database connection.
  2. Select the Applications tab of the connection, enable your new SPA application.
  3. Create a test user in this database for initial testing.

Setup Role

  1. Create a role (e.g., “Organization Admin”).
  2. Add the required scopes from the My Organization API to the role.
    read:my_org:details
    update:my_org:details
    create:my_org:identity_providers
    read:my_org:identity_providers
    update:my_org:identity_providers
    delete:my_org:identity_providers
    update:my_org:identity_providers_detach
    create:my_org:identity_providers_domains
    delete:my_org:identity_providers_domains
    read:my_org:domains
    delete:my_org:domains
    create:my_org:domains
    update:my_org:domains
    read:my_org:identity_providers_scim_tokens
    create:my_org:identity_providers_scim_tokens
    delete:my_org:identity_providers_scim_tokens
    create:my_org:identity_providers_provisioning
    read:my_org:identity_providers_provisioning
    delete:my_org:identity_providers_provisioning
    read:my_org:configuration
The user’s token will only include permissions that exist in both their assigned role and the User Access Authorization settings configured in the previous step.

Create Organization

  1. Navigate to Organizations > Create Organization.
  2. Configure the Auth0 Organization:
    A. In Members: Add your test user and assign the “Organization Admin” role.
    B. In Connections: Enable your database connection.

Configure Environment Variables

  1. Create a .env file in the root of your React project:
  VITE_AUTH0_DOMAIN=your-domain.auth0.com
  VITE_AUTH0_CLIENT_ID=your-spa-client-id
You are responsible for ensuring that your use of the My Organization API and Embeddable UI Components comply with your security policies and applicable laws, including any permissions granted to your end users.
User must be authenticated and a member of the Auth0 Organization. Components automatically load Organization data from current user context. To learn more, read Auth0 Universal Components for installation and Auth0ComponentProvider configuration